From 4e1941fedbe46bafce9aded3a0a38d272fec37a2 Mon Sep 17 00:00:00 2001
From: David Lawrence <dkl@mozilla.com>
Date: Tue, 4 Nov 2014 11:11:09 +0800
Subject: Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf
 for login forms

---
 Bugzilla/Auth.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Bugzilla/Auth.pm')

diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm
index 2c58b52a8..9f4fb8fa3 100644
--- a/Bugzilla/Auth.pm
+++ b/Bugzilla/Auth.pm
@@ -168,7 +168,7 @@ sub _handle_login_result {
         if ($self->{_info_getter}->{successful}->requires_persistence
             and !Bugzilla->request_cache->{auth_no_automatic_login}) 
         {
-            $self->{_persister}->persist_login($user);
+            $user->{_login_token} = $self->{_persister}->persist_login($user);
         }
     }
     elsif ($fail_code == AUTH_ERROR) {
-- 
cgit v1.2.3-24-g4f1b